back to article From today, America and UK follow new rules on how they can demand your data from each other

The Data Access Agreement (DAA), by which the US and UK have agreed how one country can respond to lawful data demands from police and investigators in the other, took effect on Monday. The DAA (aka the Access to Electronic Data for the Purpose of Countering Serious Crime) is intended to facilitate cross-border law enforcement …

  1. that one in the corner Silver badge

    CLOUD act

    Well, it has a super-duper-special acronym so we can all trust it, can't we.

    Seriously, they seem to spend more time on making up names of acts which they can use to bamboozle people than the actual content of the acts.

    1. Anonymous Coward
      Anonymous Coward

      Re: CLOUD act

      It may be worth knowing that Microsoft was apparently an active participant in the creation of that law. Given how much data seeps out of their infrastructure (authentication, cloud storage, URL checking, stats) I can see why they wanted that worldwide legal cover.

    2. John Brown (no body) Silver badge

      Re: CLOUD act

      "Well, it has a super-duper-special acronym so we can all trust it, can't we."

      If the new agreement is anything like the the UK RIPA Act, we can probably expect so many loopholes in it that the FBI will be investigating dogs fouling the UK streets and people putting the wrong kind of rubbish in their bins.

      1. unimaginative Bronze badge

        Re: CLOUD act

        That was no loophole.

        The act as originally enacted gave local authorities that power, very clearly. Local authorities do no investigate serious crimes, so what did parliament intend them to use it for?

        These powers were originally handed out very freely - to local authorities, the NHS, the ministry of agriculture.....

        The list has been considerably trimmed down since:

        Still far too long a list IMO.

  2. The Oncoming Scorn Silver badge

    That's A First

    Cops and Feds get easier info sharing, Britain benefits most.

    1. VoiceOfTruth Silver badge

      Re: That's A First

      I am not so sure. What was given away to get it?

      1. Anonymous Coward

        Re: That's A First

        Data Sovereignty?

    2. Anonymous Coward
      Anonymous Coward

      "Britain benefits most"

      Very funny they that. Actually, if you read the CLOUD Act is not that way. It's true that UK (or any other country bending to the Act) gets access to data stored in US about its own citizens, but US gets access to data about your own citizen as well when stored outside US, while you don't get the same level of access to data of US citizens wherever they are stored.

      The CLOUD Act is far from being symmetric like a true MLAT - and it's not surprising since it is a US law written and voted by the US Congress without any other country having any voice.

      1. Anonymous Coward
        Anonymous Coward

        Re: "Britain benefits most"

        So just like the UK/USA extradition treaty then. How surprising.

      2. unimaginative Bronze badge

        Re: "Britain benefits most"

        As far as I can see from the analysis linked to the difference applies to citizens and residents outside each country.

        The other big difference is that the ECHR provides less protection than the US constitution with regard to privacy.

        Given that so much of the data is either in the US or controlled by American companies they negotiated from a position of strength - the US has a unique position of power with regard to the almost anything IT, from hardware to services, particularly when it comes to security and privacy.

    3. Spanners Silver badge

      Re: That's A First

      Britain benefits most.

      That has to either be a misunderstanding or a gross error by the negotiators!

  3. Anonymous Coward
    Anonymous Coward

    USA: Bend Over!

    UK: How far?

  4. amanfromMars 1 Silver badge

    One for Magic Circles/Round Tables/Star Chambers to Address

    The greater problem that the West, and especially NATO and its allies and supporters are not highlighting and drawing your attention to, and which it/they now have to do battle with, or try to make a deal with ITs international intellectual property providers of, is not the supply of information/data/intelligence/metadata which it wants and doesn't have and may wish to suppress and render physically and/or virtually unobtainable, it is prevention of the same being made suddenly unexpectedly public and freely available globally .... for once some of those genies which are manic and chaotic are out of the bottle there is no putting them back and pretending they aren't out there and able to simply cause random and targeted havoc and catastrophic disruption and colossal destruction.

  5. Marki Mark

    serious crime, such as terrorism, transnational organized crime, and child exploitation

    The holy trifecta, I feel safer already

  6. ThatOne Silver badge

    "there are comparatively fewer UK companies holding data of interest to US law enforcement"

    Come on, most baddies in the movies have British accents... The UK is an incubator for world-domination seeking evil masterminds, every child knows that!

    1. Anonymous Coward
      Anonymous Coward

      And every child knows Bruce Willis always sorts out these evil masterminds.

      1. John Brown (no body) Silver badge

        (deep)fakr news!!!

  7. Paul Smith

    GDPR ?

    This deal would appear to allow the UK authorities to request information about non-UK citizens (as long as they are not US citizens) if that information is stored in the US, and allow the US to request information about non-UK citizens that is stored in the UK. Anybody providing that information will have to deal with the consequences of being forced to be in breach of GDPR. This could get entertaining...

    1. Cynical Pie

      Re: GDPR ?

      GDPR isnt applicable here as data for law enforcement purposes is specifically outside of GDPR's remit.

      It falls under the Law Enforcement directive. Same principles in essence but different piece of legislation.

      That is why we have the DPA 2018 as it effectively implements both GDPR and the LED.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like